Among the attack tools described in the data dump posted online by WikiLeaks Tuesday are those that appear to be able to exploit cameras, TVs, smartphones and other devices connected to the internet. CIOs should assume bad actors already use similar tools, said Michael Zweiback, a partner at the law firm Alston & Bird LLP.

“IoT devices have not been developed generally with security in mind,” said Mr. Zweiback, who specializes in data security investigations. “They need to be constantly evaluated to see if they create vulnerabilities that hadn’t been considered when they were first deployed.”

Despite such risks, companies aren’t likely to be deterred from deploying Internet of Things devices or building new business models that rely on collecting and analyzing data from sensors connected to their products, he said. “IoT is too efficient to stop,” he said.

Gregory Touhill, former federal chief information security officer, said manufacturers of consumer devices should improve their security features. CIOs and CISOs can advocate for better security in such products, he said.

“Why are manufacturers shipping products with inherent security vulnerabilities? I’m hoping that in the aftermath of this event that consumers will be putting security as part of their requirements as they move forward,” he said.

For CIOs, any IoT strategy must include a risk assessment, Mr. Zweiback said. Decide carefully where particular kinds of data are needed and where they should be stored for maximum protection, he advised. Such architecture decisions can differ by industry and company, he said.

WikiLeaks said the 8,761 documents and files it made public Tuesday describe techniques the CIA uses to circumvent the security of dozens of products, including mobile phones from Apple Inc., software fromAlphabet Inc.’s Google and Microsoft Corp., and televisions fromSamsung Electronics Co., the WSJ previouslyreported.

Apple late Tuesday said itsanalysis found that many of the potential vulnerabilities disclosed were patched by the latest version of iOS, its mobile operating system. Microsoft and Google said they were investigating the issue. A Samsung spokesman on Wednesday said the company was aware of the report and was looking into the matter.

VIDEO: R. James Woolsey, former Central Intelligence director, and former U.S. Chief Information Security Officer Gregory Touhill and rank the actors that pose the greatest threat to U.S. security. They speak with The Wall Street Journal's Gerald Seib at the CIO Network in San Francisco, Feb. 28, 2017.